pycode-browser Predictable Temporary File Vulnerability

A predictable temporary file vulnerability has been identified in pycode-browser versions prior to 1.0. This vulnerability allows the application to use a predictable temporary file in the /tmp directory, which can lead to overwriting of the file's contents. The issue can be reproduced by modifying a test program in pycode-browser and executing it without saving the changes, causing the application to write to the predictable temporary file.

Impact

Exploitation of this vulnerability can lead to a symlink attack, where an attacker could manipulate the predictable temporary file usage to overwrite files or disrupt application behavior.

Reproduction

To reproduce this vulnerability, launch pycode-browser and open a test program. Modify the program without saving the changes, then click the Execute button. The application will write the modified contents to a predictable temporary file, overwriting any existing data. This behavior indicates the presence of the vulnerability.

Remediation

Users can upgrade to pycode-browser version 1:1.0-1 to address this vulnerability.